Tom- Administration via the GBAdmin is encrypted using 64-bit Blowfish algorythm. If you are logging into the GNAT Box using the GBAdmin then all information is encrypted (including the logon and password). Administering the firewall via the Web interface is not encrypted. If you are concerned that your user name and password might be stolen then we recommend that you only administer the GNAT Box via the console on the GNAT Box or with the GBAdmin.
-John Ross At 09:17 AM 2/8/00 -0600, you wrote: >Send postings to: [EMAIL PROTECTED] >Access the list archives at: >http://www.gnatbox.com/gb-users/ >---------------------------------- > > >Hi, > >During a recent security audit, several questions were raised about the >gnatbox firewall I had installed on our system. I was able to verify that >gnatbox was ICSA certified, but I was unable to answer questions about >the type of encryption used by the Web User interface and the GBAdmin >interface. This prompts me to ask a couple questions: > > - are signons to administration tools done with encrypted > accounts and passwords? > - is the whole of the administration session encrypted, or > just the signon? > - if encryption is used, what type is it? > - can any one recommend a freeware network sniffer for linux > or W95 that I could use to view my administration session? > >Thanks in advance, - Tom > > >---------------------------------------------- >To Unsubscribe: send mail to [EMAIL PROTECTED] >with "unsubscribe gb-users your_email_address >in the body of the message Global Technology Associates, Inc. 3505 Lake Lynda Drive Suite 109 Orlando, FL 32817 USA Tel: +1.407.380.0220 x105 Fax: +1.407.380.6080 http://www.gnatbox.com
